Only 49% of respondents are confident their employees fully understand AI related threats.

60% of organizations lack confidence in detecting unregulated AI deployments (shadow AI).

96% of organizations are making changes to their IT environment at least quarterly

The average ransom demand in the latter half of 2024 fell below $1 million for the first time in more than two years.

BEC claims severity increased by 23% in 2024.

22% of employees have unrestricted access to public GenAI.

60% of IT teams are unaware of employee interactions with GenAI.

UK cyber claims in 2024 decreased by 20% compared to the spike seen in 2023.

Despite the 20% decrease from 2023, UK cyber claims in 2024 remained approximately one-third higher than the totals recorded for 2020, 2021, and 2022.

Black Basta accounted for just 3% of all ransomware claims in 2024.

The average total IT security budget for U.S. enterprises is $1.77 million.

70% of organizations use AI for response and recovery.

In multi-vector DDoS attacks, threat actors rotate between protocols every 30–60 seconds.

89% of organizations use AI to understand threats better.

58% of respondents view external threats (like malicious actors and state-affiliated groups) as more significant than internal threats (42%).

Nearly 20% of data breach victims were U.S. organizations.

2.9 billion unique sets of compromised credentials identified in 2024. This is an increase from 2.2 billion in 2023.

Looking at specific periods, Q3 2024 experienced the second-highest level of activity in cyber claims recorded since 2020. Activity in Q3 2024 rose 14% on Q3 2023.

Ransomware cyber insurance claims frequency decreased by 3%.

Ransomware claims severity decreased by 7% YoY.